When it comes to disasters, people and businesses tend to think big, really big. Take for example Superstorm Sandy that hit the eastern US earlier in November. It can be pretty much guaranteed that a whole string of businesses will be preparing diligently for the next big storm. While this is important, smaller issues that happen at a higher frequency will be pushed to the side. One common issue revolves around passwords, and who manages them.

Search for Terry Childs online and you’ll find a number of articles about a former Network Administrator for the city of San Francisco who is currently in jail for supposedly doing his job. His job, as a network administrator, was to manage the city’s network. When he was asked by his boss for the passwords to critical parts of the network, he refused on the grounds that the request went against the established network policy.

Issues like this: One employee or vendor in control of vital passwords, can pose a big problem to companies, especially during times of disaster. Imagine if you work with an administrator who is based in New York, and they lost power during Sandy. What could you do if your network crashed, or you needed access to your system and someone else has all the passwords?

The most crucial factor is you shouldn’t trust one person or organization with passwords to vital systems. We don’t mean personal passwords to systems, we mean passwords to vital systems, like servers or Internet connections. If one person has the passwords, there’s just too much risk. If they are disgruntled, they have the power to do some serious damage, and if they are injured or are no longer alive, you’ll face untold amounts in lost profit, and fees in recovering passwords and information.

There are a number of things you can do to mitigate problems like these.

Keep a password list – It could be a good idea to keep a physical list of the more important passwords. This is an important document, so it’s a good idea to not leave this one lying around. If you have a safety deposit box or safe in the office you can put the list here.

Set passwords to the position, not the employee – Many companies will often give passwords to one person who will be in charge of these. When they advance, or if they switch roles, they will often take a password with them. Instead, look at organizing this a different way around: Assign a password to the position rather than an individual so that when they leave the person filling their role is given this password instead.

Assign a person to be in charge of passwords – This is a good idea, especially if you work with Managed Service Providers. A person of authority within your organization should be the main contact person, and they should have copies of all passwords given to outside companies.

Change passwords regularly – To avoid having employees steal things it’s a good idea to change your passwords on a regular basis. If an employee leaves a position and is in charge of an important password, you should take steps to change this scenario even if you trust the person.

Create the right policy – If you are going to share passwords, or have a limited number of people who know them, it’s a good idea to create a policy that clearly defines: what position has access to what; what happens when someone leaves; how to recover passwords; how many backups will be kept; how and when the password is to be shared. Basically you want to ensure you aren’t caught flat footed. With employees, confidentiality agreements that explicitly state what they can and can’t share and the consequences of breaching the policy should also be clearly defined and followed.

Pick who to trust – Important passwords shouldn’t be shared with everyone, and you should take steps to vet the trustworthiness of the person or company you will be giving passwords to. If you have an established sharing process, and a vendor you’re considering working with is pushing a policy that is different from yours, it may be a good idea to look for someone whose policies are closer to yours, or who can work around your policies.

If you are in the unfortunate position of not having the passwords to your system, it’s a good idea to get in touch with IT professionals like us, as we are often able to recover systems and passwords, or at the very least, reset them. After you recover your systems, it’s a good idea to test for vulnerabilities, especially if the last person in charge had a tendency to not share information. We can help with this and any other concerns with password management and recovery, so please contact us if you would like to learn more.

If the scale of natural disasters in 2012 is any indicator of what 2013 is to bring, we could see an increase in the severity of the weather. For businesses, this often means disruption of key services. We don’t have to tell you that any disruption in service could have a drastic negative impact on profits. To mitigate potential losses, many companies are turning to Business Continuity (BC). Those just starting to develop their own plans are often at a loss due to the scale of the project. We’re here to help make it a bit less daunting.Here’s four questions you should answer when looking into adopting a Business Continuity plan.

1. What systems need to be recovered first? A good idea is to request each department/role list their essential systems and rank them in the order they need them back online in order to do their jobs. From here, you can compare answers and rank them in priority. For example, If all roles say they need Internet connection back online first, you know that the Internet is the first system that needs to be recovered.2. What do we need to assure customers of stability? For the majority of businesses, the customer is the lifeblood. However, most customers will only stick around for a limited amount of time before going to a competitor if your business can’t meet their needs. To keep customers loyal during a time of disaster, you need to prove you are either stable, or working to get there. Some examples of this could be a backup site with basic functionality that can take the place of your main website if it goes down.3. What do business partners require? Your business partners are just as important as your customers and are often the link between the two. With partners, you often have set requirements that you need to meet in order to continue order fulfillment and shipment. You need to be aware of what these are and the related systems. After all, how are you going to get your product to your customers?4. Are there any contractual requirements with vendors? Businesses that work with suppliers or vendors often have contractual obligations such as payment due on a certain date, or a set product order volume to fulfill the contract. As with business partners, you need to be clear on what these obligations are, and how you meet them. For example, if you pay a supplier on the 10th of every month, most will expect payment on the 10th, regardless of if you are operational or not.

Once you have the answers you needed you can take a step back and try to come up with a timeline of how long continuity actions should take and what your priorities are. From here, you can draft an actual plan, or look for vendors that can work with your systems and provide a continuity plan or service that meets your needs.

If you are looking for a business continuity system for your business please give us a call, we may have a solution that fits with your business.

One of the more important elements of a successful business is a well defined direction and set of policies that give employees a form of direction and a guide on how they should conduct themselves. Many companies without basic policies often struggle with employees who do what they think is right, or worse, nothing at all. Don’t let this happen at your company, instead, create solid policies.

Below are six things to consider when developing your next policy.

You need a policy for policies – This sounds a little weird, but in order to draft effective policies, you should first draft a policy on drafting policies. It doesn’t have to be long, but should cover when and why a new policy is needed; the format to use; and the policy for drafting and approval of new policies.

Does your planned policy already exist? – Before you go spending time on drafting a completely new policy, you should first check and see if any existing policies cover what you’re planning to write about, or if they cover some aspects. If they do, instead of creating a new policy, it’s much easier to update existing ones.

Consider the need – If someone does something you don’t like or agree with, don’t simply go and create a new policy out of spite, or as a knee-jerk reaction. If you find yourself doing this, take a step back and let the policy sit for a few days or weeks and revisit the issue to see if it is really necessary. If you deem it significant enough, get input from colleagues. They may offer valuable help, or have other ideas. The goal with policies is that there should be a crystal clear need for them, or a clear problem to solve.

Make the policy understandable – Have you ever read policies enacted by governments or large companies? Of course you have, but how much did you understand? If you aren’t a lawyer, there is likely some parts you don’t understand. You should make your policies understandable and readable by everyone in the company. Leave legal language to the lawyers, and clearly define any and all acronyms and jargon. Beyond that, the use of modal verbs and positions instead of names is highly encouraged.

Include exceptions – Rules set in stone will often be broken. When writing a policy, it is a good idea to include exceptions whenever possible. If you don’t include these yet constantly make them in practice, you’re undermining the policy. If you find these exceptions become relevant in the future, update the policy to include them.

Be flexible – You should write some wiggle room in the policies. If you have an ironclad policy employees will come to rely on it, and if something happens what goes against the policy, they could use the ‘it’s company policy’ line as an excuse not to take the right action. The common trend is that new policies essentially provide the guidelines for empowerment.

If you take steps to ensure the policy is as comprehensive as possible, and your employees understand each and every aspect of it, they will be more than likely to follow it. Do you have any other tips on writing policies? Let us know.

If you have more than one computer you are likely aware that they are vastly different. One may be faster and the other may be slower but has been running like a charm for the past five years. Over time, computers will slow down, generally running much slower than they did when you first bought them The big question related to this is: Why does this happen?

Here’s five reasons why your computer may run slow:

It’s all in the mind

Well, mostly all in the mind. Technology, especially laptops and mobile devices, is advancing at such a fast pace that new devices constantly push speed boundaries. Use a laptop from last year and it just feels slow, when in truth the difference between last year’s and this year’s model is normally not noticeable performance wise.

Another reason is because of the other devices we use. Think of any new flagship mobile device, it’s really fast; most of us have and use these devices on a daily basis. While they may not look it on paper, many mobile apps are simply faster than their desktop counterparts.

Think of accessing email on your computer.You have to find the program, click on it, wait for it to load and then wait for the program to fetch new emails. Compare this to your mobile device where you tap the Email icon, and have nearly instant access. While both programs offer the same service, they do work differently with the mobile apps, constantly looking for emails while computer counterparts usually look for emails only when the program is open. This usually means the mobile app is perceived to be quicker.

It’s partly because of experiences like this, that everything is available instantly on the mobile device and less so on computers, that some users perceive their system is running slowly due to being used to using a mobile device.

It’s what you’ve downloaded

Another reason why your computer might be running slowly is because of the programs you’ve downloaded. If you torrent, visit explicit websites or simply click on and agree to everything, your computer will run slowly because many of those seemingly helpful programs are actually malware or viruses that when installed will slow your computer down, or worse steal confidential information and files.

The same goes for explicit websites and torrents. Many of the ads and pop-ups contain viruses that can install themselves, or be installed without you knowing. For torrents, files may contain viruses disguised as movies or other popular file types. If you torrent, or visit explicit websites you should have malware and virus scanners operational and up-to-date. That new movie just out in theaters and already a torrent? It’s likely a virus, steer clear of them. It’s probably better if you don’t download illegal torrents at all.

It’s how you run it

There’s a common belief out there that computers are meant to be left on and that turning a computer off will somehow harm the internal components. This is a myth, there are only three times a computer should be constantly on:

You’re working with programs that take a long time to run like CAD or other 3D/video rendering.

If you computer doesn’t fall into these criteria, then it’s perfectly safe to turn it off. What does this have to do with a slow computer? Computers left constantly running have proven to have increased degradation of both kinds of memory, especially RAM; and the processor. Both RAM and the processor are integral components related to running programs. A degraded stick of RAM or a stressed processor will slow computers down. Turning a computer off when not in use will extend the life of the components while also reducing electrical draw, meaning cheaper electric bills.

It’s the Wi-Fi

Most offices, stores and homes now have Wi-Fi. The only issue is, current Wi-Fi routers are limited in the connection speeds they can offer. Have a 300Mb connection, and a 85 Mbps Wi-Fi router? The Wi-Fi connection speed will be a maximum of 85 Mbps, which will decrease depending on how far you are from the router and how many users or devices there are connected.

If you’ve had the router for more than a couple of years, and noticed that your computer is really slow when surfing the Internet or running Internet related programs like Office 365 or online games, it may be time to upgrade to a faster router. If your business connection is slow, then it’s best to contact a vendor to help upgrade all your systems. This could also indicate a virus or other form of malware infecting your system. Running a Virus and malware scan could help as well.

It’s old

Finally, your computer may be running slow because it’s old. A PC or Mac from 5-7 years ago has close to the same processing power of the modern smartphone. Combine this with constant use – especially for laptops – a full hard drive, and any of the above reasons, and your computer will be slow compared to when it was brand new. You can try wiping the hard drive and starting again, but computers older than about seven years will likely not be able to run the most modern programs efficiently.

For example: Still on a computer running Windows XP and want to upgrade your current copy of Microsoft Office to 2013 when it’s released? Not going to work. Using a Macbook from 5 years ago, and want to upgrade to OS X 10.8 to take advantage of the supposed speed gains? Most MacBooks won’t be able to run it efficiently enough to notice a gain in speed, resulting in a slower operating experience.

There are many reasons as to why your computer is running slowly. If you’re unsure, you can always contact us, we can help.

When people think of hackers, they think of computer geniuses hidden from view in some warehouse, plugging away at their terminals using various tools to break into networks and websites. Sure, this is true, but there is a massively soft target that hackers employ that completely bypasses traditional hacking channels — social engineering.

Social Engineering is the term applied to a type of deceptive interaction that generally involves some sort of impersonation to glean information from an unsuspecting victim.

We’re mostly used to phishing emails, virus-laden websites, and the like, and have learned to stay away from anything that reads funny or looks suspicious. However, very few of us are trained to safeguard against actual human beings contacting us directly, either via phone or in person. An email flagged as spam requesting password details for instance we would likely disregard, but a sincere sounding phone call from a support representative requesting your password details, we might not have our guard up for.

All organizations concerned about the security of their data should formally coach their employees on a whole slew of potential tactics social engineering hackers might employ on them. It’s important your organization is not blind to this wide open security window.

A special tax break has been extended by the IRS that allows you to deduct the IT expenditures of your businesss in 2011 all in one year.

Previously, you’d have to deduct the expense over the course of several years. Now, a new tax code called Section 179 allows you to take a deduction as an expense rather than as property that depreciates.

At this stage, the provisions allow up to $500,000 worth of deductions. These include computer systems, tablets, printers, smartphones, accessories, chairs, tables, furniture, and even manufacturing equipment / vehicles above a certain weight.

The way it works is if you spend any profits you make in 2011 on IT equipment, you only pay taxes on the remainder. With smart planning, this can tremendously ease the burden of running your business.

This program was meant to expire last year, but this provision has been extended to the end of 2011. This makes this year a wonderful year for purchases, as it allows you to take an immediate write-off.